I recently added support for the HTTP/2 protocol on this server and I am really pleased with the additional performance gains. This VPS was already running a functional LAMP stack, so the following steps describe the necessary configuration changes for my setup which relies on Apache with PHP-FPM.

Now that I’ve been running this blog on Gentoo Linux for a while, I’ve discovered a few new potential gotchas when failing to pay attention while interacting with Portage. The latest addition to my list was nearly removing my running PHP installation with emerge --depclean.

Having a strict content Content Security Policy (CSP) can be a useful addition for your website security. However, when running a content management system (CMS) like WordPress, you’re often forced to make a few a undesired compromises.

I’ve received a few hundred requests originating from bots setting site.ru as their referrer. These attacks are scanning for compromised WordPress installations and PHP based shells and backdoors. The attacking IP’s belong to compromised hosts and websites from service providers around the world.

So you’ve patiently been waiting for the next Slackware release but eventually you’re considering making the move to Slackware-current. So what exactly is Slackware-current and what would be the pros and cons of switching from stable to -current.

My Raspberry Pi based hosting came to an abrupt end earlier this week as the RPi3 suddenly became unresponsive. Powering off and on the device resulted in an infinitive loop of I/O error messages. I’ve tried to recover the filesystem, but unfortunately my attempts proved to be unsuccessful.

I got the following ominous sounding message as I was about to fire up my Opera browser at the office today:

During the last few days I’ve been noticing a major surge in botnet traffic probing for the infamous Apache Struts 2 exploit, popular database setup and configuration scripts and even some old school cgi-bin vulnerabilities. The traffic originates from compromised hosts with major cloud vendors like Microsoft Azure, DigitalOcean, Vultr, Linode and OVH.

Accessing internal services on paranoidpenguin.net using self-signed certificates does no longer work in my preferred browser due to HSTS preloading. Instead of actually fixing the issue (or wait for Let’s Encrypt to roll out wildcard certificates), I decided to be clever and work around the restriction by installing a more “forgiving” web browser.